Siebel LDAPS Encryption Fails With "554 Errstring Is SSL Handshake Failed" When Using SHA2 and Oracle LDAP Client 12.1 And Later
(Doc ID 2508361.1)
Last updated on OCTOBER 26, 2023
Applies to:
Siebel CRM - Version 8.1.1.11 [IP2013] and laterInformation in this document applies to any platform.
Symptoms
When attempting to use Certificates with SHA2 in the Oracle Wallet, the following error occurs.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility: GetLdapHandle
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility: SSL Calling lda_open_ssl
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility::ldap_open_init_ssl
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_open(<ldap_server>, 636) returns 31614c18.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility:: Invoking _ldap_init_SSL with AuthMode 1
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_init_SSL(file:/app/siebel/siebsrvr/bin, ..) returns 554 Errstring is SSL handshake failed.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_unbind(31614c18) returns 0.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_open(<ldap_server>, 636) returns 31679e78.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility:: Invoking _ldap_init_SSL with AuthMode 32
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_init_SSL(file:/app/siebel/siebsrvr/bin, ..) returns 554 Errstring is SSL handshake failed.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_unbind(31679e78) returns 0.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_open(<ldap_server>, 636) returns 31679e78.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility:: Invoking _ldap_init_SSL with AuthMode 64
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_init_SSL(file:/app/siebel/siebsrvr/bin, ..) returns 554 Errstring is SSL handshake failed.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_unbind(31679e78) returns 0.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility: GetLdapHandle returns 3
SecAdptLog Memory Mgmt Trace 5 000000045c5b01c2:0 2019-02-08 08:14:42 LDAP SecurityFreeErrMessage8, ErrMessage=30af6af0.
GenericLog GenericError 1 000000045c5b01c2:0 2019-02-08 08:14:42 (secmgr.cpp (2773) err=4597538 sys=0) SBL-SEC-10018: ldap_open failed
GenericLog GenericError 1 000000045c5b01c2:0 2019-02-08 08:14:42 (secmgr.cpp (2845) err=4597521 sys=0) SBL-SEC-10001: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.
ObjMgrSessionLog Error 1 000000045c5b01c2:0 2019-02-08 08:14:42 (physmod.cpp (9486)) SBL-DAT-00565: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.
ObjMgrSessionLog Error 1 000000045c5b01c2:0 2019-02-08 08:14:42 (model.cpp (6321)) SBL-DAT-00565: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.
ObjMgrSessionLog ObjMgrLogin 3 000000045c5b01c2:0 2019-02-08 08:14:42 Login failed for Login name : <USRENAME>
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility: SSL Calling lda_open_ssl
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility::ldap_open_init_ssl
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_open(<ldap_server>, 636) returns 31614c18.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility:: Invoking _ldap_init_SSL with AuthMode 1
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_init_SSL(file:/app/siebel/siebsrvr/bin, ..) returns 554 Errstring is SSL handshake failed.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_unbind(31614c18) returns 0.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_open(<ldap_server>, 636) returns 31679e78.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility:: Invoking _ldap_init_SSL with AuthMode 32
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_init_SSL(file:/app/siebel/siebsrvr/bin, ..) returns 554 Errstring is SSL handshake failed.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_unbind(31679e78) returns 0.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_open(<ldap_server>, 636) returns 31679e78.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility:: Invoking _ldap_init_SSL with AuthMode 64
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_init_SSL(file:/app/siebel/siebsrvr/bin, ..) returns 554 Errstring is SSL handshake failed.
SecAdptLog 3rdpartyTrace 3 000000045c5b01c2:0 2019-02-08 08:14:42 ldap_unbind(31679e78) returns 0.
SecAdptLog API Trace 4 000000045c5b01c2:0 2019-02-08 08:14:42 Ldap Utility: GetLdapHandle returns 3
SecAdptLog Memory Mgmt Trace 5 000000045c5b01c2:0 2019-02-08 08:14:42 LDAP SecurityFreeErrMessage8, ErrMessage=30af6af0.
GenericLog GenericError 1 000000045c5b01c2:0 2019-02-08 08:14:42 (secmgr.cpp (2773) err=4597538 sys=0) SBL-SEC-10018: ldap_open failed
GenericLog GenericError 1 000000045c5b01c2:0 2019-02-08 08:14:42 (secmgr.cpp (2845) err=4597521 sys=0) SBL-SEC-10001: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.
ObjMgrSessionLog Error 1 000000045c5b01c2:0 2019-02-08 08:14:42 (physmod.cpp (9486)) SBL-DAT-00565: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.
ObjMgrSessionLog Error 1 000000045c5b01c2:0 2019-02-08 08:14:42 (model.cpp (6321)) SBL-DAT-00565: An internal error has occurred within the authentication subsystem for the Siebel application. Please contact your system administrator for assistance.
ObjMgrSessionLog ObjMgrLogin 3 000000045c5b01c2:0 2019-02-08 08:14:42 Login failed for Login name : <USRENAME>
STEPS
-----------------------
1. install Oracle Client that has LDAP (Admin), version used 12.1.0.2
2. using SHA1 , it brings login page fine
3. replacing by SHA2 login page does not come
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |